Configuring permissions and roles

In order to administer any SharePoint Online features, you'll need to have (at a minimum) the SharePoint Service Administrator role granted through the Microsoft 365 Admin Center. When you create your Office 365 tenant, you'll only have a single Global Administrator, and that user will have full rights to all the services inside the tenant. You can further restrict permissions to manage SharePoint Online by using the built-in SharePoint Admin role.

The following table lists the core rights and responsibilities that are assigned to the SharePoint Admin role:

Administrative Rights Description
Apps Create an App Catalog site to make apps available for users to install.
Business Connectivity Services Create Business Connectivity Services (BCS) configurations to external data sources, such as Windows Communication Foundation (WCF) web services or Azure SQL Database tables.
Hybrid Configure SharePoint Online hybrid between a SharePoint Server farm and the SharePoint Online tenant.
InfoPath Deploy web-based forms using InfoPath Forms Services.
Records management Manage items tagged as records in place or move records in a specific archive.
Search Customize the search experience for users, including defining additional searchable properties in the schema, query rules, and result sources.
Secure store Manage the Secure Store Service, a credential management and authorization service.
Settings Manage SharePoint Online tenant-wide settings, such as external sharing, Office Graph, and rights management.
Site collections Create, delete, and manage site collections and settings.
Term store Use the Term Store to centrally manage metadata information used across the tenant. The Term Store admin is an additional role that's designated in addition to the SharePoint Admin role.
User profiles Define the user profile policies and settings.
In order to administer SharePoint Online, administrators must be assigned a SharePoint Online license. Also, while you may configure restrictions on who can create Office 365 Groups, SharePoint Admins will still be able to create them regardless, since they are connected to modern SharePoint sites. While the Global Admin has the rights to perform all SharePoint tasks, it's regarded as good practice to use the least amount of privilege necessary to perform duties.

Understanding the roles, permissions, and limitations in the SharePoint online environment is critical to ensuring users and administrators have the appropriate amount of access to resources and data in order to perform their duties.

 Granting the SharePoint Administrator role through the Microsoft 365 Admin Center is a straightforward task:

  1. Navigate to the Microsoft 365 Admin Center (https://admin.microsoft.com).
  2. Expand Users | Active Users.
  3. Select a user.
  4. Under Roles, select Edit.
  5. Select the Customized administrator radio button.
  6. Select the checkbox for SharePoint Administrator.
  7. Click Save.

Once you have been granted the appropriate rights, you can start managing the environment.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset